Header graphic for print
Global Media and Communications Watch The International Legal Blog for the Tech, Media and Telecoms Industry

Katherine Gasztonyi

Posts by Katherine Gasztonyi
Posted in Data Protection & Privacy Photo of Natalia GulyaevaPhoto of Maria SedykhPhoto of Katherine Gasztonyi

Russia: Main Takeaways from Roskomnadzor’s Open Doors Day

Recently, the Russian Data Privacy Authority (Roskomnadzor) organized an Open Doors Day in honor of the International Data Privacy Day. During the occasion, Roskomnadzor officers presented on the authority’s 2017 enforcement activities. They followed this presentation with an open question and answer period, during which they responded to numerous questions raised by attendees. We summarize the key takeaways below. 2017 Roskomnadzor Enforcement Highlights Data operators continue to register with the Roskomnadzor, with approximately 33,000 new data operators registering with the Roskomnadzor in 2017, bringing the total to just over 400,000

Posted in Data Protection & Privacy, Technology Photo of Katherine Gasztonyi

FTC Hosts FinTech Forum on Artificial Intelligence and Blockchain Technologies, Part II

As previously reported, on Thursday, March 9th, the Federal Trade Commission (FTC) hosted a forum on the consumer implications of recent developments in artificial intelligence (AI) and blockchain technologies. This is the second of two entries on the March 9th FinTech Forum. Today’s post focuses blockchain technologies. Coverage of the opening remarks and the AI discussion may be found here. Blockchain Technologies The panel discussions on blockchain technologies reflected the nascent stage of the technology, with industry representatives expressing confusion over the applicability of current regulation, and regulators expressing a

Posted in Data Protection & Privacy, Technology Photo of Katherine Gasztonyi

FTC Hosts FinTech Forum on Artificial Intelligence and Blockchain Technologies

On Thursday, March 9th, the Federal Trade Commission (FTC) hosted a forum on the consumer implications of recent developments in artificial intelligence (AI) and blockchain technologies. This was the FTC’s third forum on issues in FinTech. Previous FinTech Forums covered marketplace lending and crowdfunding and peer-to-peer payments. In opening remarks, the FTC acknowledged the benefits of technological developments in AI and blockchain technologies: AI promises better decision-making and personalized consumer technologies, while blockchain technologies would increase the efficiency of financial transactions and eliminate the need for the middleman, among other

Posted in Data Protection & Privacy Photo of Eduardo UstaranPhoto of Bret CohenPhoto of Katherine Gasztonyi

Details of Legal Challenge to Privacy Shield Revealed

Ever since the first draft of the EU-US Privacy Shield framework was published in early 2016, groups opposed to the idea have indicated their intent to challenge the legality of the framework under EU law. Recently, the privacy advocacy group Digital Rights Ireland (DRI) made good on that promise.  Following the filing of a formal complaint on 15 September asking for an annulment of the framework by the Court of Justice of the European Union (CJEU), DRI has now made public the details of its complaint. In the complaint, DRI

Posted in Data Protection & Privacy Photo of Timothy TobinPhoto of Katherine Gasztonyi

FTC Seeks Public Comment on Safeguards Rule

On 29 August the FTC announced a request for public comment on the Standards for Safeguarding Consumer Information Rule (the Safeguards Rule). The FTC promulgated the Safeguards Rule in 2002, implementing Title V of the Gramm-Leach-Bliley Act (GLBA), which required federal agencies to establish standards for the administrative, technical, and physical safeguards employed by financial institutions for certain information. In addition to general requests for comment, the FTC requested that five specific issues be addressed, which we have outlined below. Comments are due by November 7, 2016. The Safeguards Rule The

Posted in Data Protection & Privacy Photo of Katherine Gasztonyi

FPF Releases Guide for Consumer Wearables and Wellness Apps and Devices

On Wednesday, August 17, 2016, the Future of Privacy Forum (FPF) released a set of detailed guidelines for the collection and use of consumer-generated wellness data. The document, Best Practices for Consumer Wearables & Wellness Apps & Devices, was drafted by FPF with input from a wide range of stakeholders, including privacy advocates, companies, and regulators. The Best Practices guidelines set forth a Fair Information Practice Principles (FIPPs)-based trust framework that builds on existing legal expectations to provide a set of best practices designed to result in providing appropriate protections

Posted in Data Protection & Privacy Photo of Julie BrillPhoto of Michelle KisloffPhoto of Katherine Gasztonyi

FTC Unanimously Overturns Dismissal of LabMD Security Practices Case

In a case that could have far-reaching implications for how companies are held liable for data security lapses, the FTC issued an order and opinion unanimously overturning its Chief Administrative Law Judge’s (ALJ) November 2015 dismissal of charges that LabMD’s allegedly lax data security measures were unfair practices under Section 5 of the FTC Act (see our coverage of the ALJ’s decision here). The FTC found that the ALJ applied the incorrect legal standard for unfairness—that the question was not whether LabMD’s data security practices were “likely to cause” “substantial consumer injury”, but whether they

Posted in Data Protection & Privacy, TMT2020 Photo of Harriet PearsonPhoto of Eduardo UstaranPhoto of Bret CohenPhoto of Katherine Gasztonyi

TMT2020: Inside the New EU-U.S. Data Framework: A Practical Breakdown of the Privacy Shield

EDITOR’S NOTE:  We are excited to present this entry in our new TMT2020 series, which reflects the key technology, media, and telecoms legal issues that are expected to impact today’s organizations and tomorrow’s marketplace.  It also provides an opportunity to highlight contributions by TMT associates across our global offices and practice areas.  The February 29, 2016 announcement of the new EU-U.S. data transfer framework—the Privacy Shield—was accompanied by over 130 pages of documentation and significantly more operational details than its predecessor, Safe Harbor.  We have reviewed the Privacy Shield materials and

Posted in Data Protection & Privacy Photo of Timothy TobinPhoto of Harriet PearsonPhoto of Katherine Gasztonyi

CFPB Dives Into Data Security Enforcement

On March 2, 2016, the Consumer Financial Protection Bureau (CFPB) announced its first data security enforcement action in the form of a Consent Order with online payment platform Dwolla, Inc.  The five-year Consent Order is based on CFPB allegations that Dwolla engaged in deceptive acts and practices by misrepresenting to consumers that it had “reasonable and appropriate data security practices.”  Dwolla neither admitted nor denied that it engaged in data security misrepresentations.  The CFPB fined Dwolla $100,000, enjoined it from making further misrepresentations, and is requiring that it develop a

Posted in Data Protection & Privacy Photo of Eduardo UstaranPhoto of Harriet PearsonPhoto of Bret CohenPhoto of Katherine Gasztonyi

First Look: EU–U.S. Privacy Shield

On February 29, 2016, and after more than two years of negotiations with the U.S. Department of Commerce, the European Commission released its draft Decision on the adequacy of the new EU–U.S. Privacy Shield program, accompanied by new information on how the Program will work. The Privacy Shield documentation is significantly more detailed than that associated with its predecessor, the EU-U.S. Safe Harbor, as it describes more specifically the measures that organizations wishing to use the Privacy Shield must implement. Importantly, the Privacy Shield provides for additional transparency and processes

Posted in Data Protection & Privacy Photo of Timothy TobinPhoto of Katherine Gasztonyi

FDIC Publication Emphasizes Framework for Cybersecurity

Earlier this month, the Federal Deposit Insurance Corporation’s (FDIC) Division of Risk Management Supervision released “A Framework for Cybersecurity” in its Winter 2015 issue of Supervisory Insights. The FDIC article outlines the current and evolving cyber threat landscape and identifies the challenges presented by these threats as “critical” to financial institutions. The article describes regulatory steps the FDIC has taken and also how banks should incorporate cybersecurity into their overall risk management framework. The article is helpful for understanding the FDIC’s cybersecurity focus and the issues upon which it expects

Posted in Data Protection & Privacy Photo of Katherine Gasztonyi

What’s New in the Cybersecurity National Action Plan

On February 9, 2016, President Obama directed his Administration to implement a Cybersecurity National Action Plan (CNAP), calling it a “bold reassessment of the way we approach security in the digital age.” Certainly, the cybersecurity budget increase associated with CNAP is significant: the 2017 Presidential Fiscal Year budget will be $19 billion—35% above that of Fiscal Year 2016. What is likely most significant about CNAP, however, is that it represents continuity of focus and investment in cybersecurity even at the end of an Administration when it would be all too easy to

Posted in Data Protection & Privacy Photo of Katherine Gasztonyi

California District Court Dismisses TCPA Putative Class Action Against AOL

On Monday, June 1, a District Court in the Northern District of California granted AOL’s motion to dismiss plaintiff Nicholas Derby’s putative TCPA class action complaint on the grounds that the complaint failed to allege facts sufficient to establish that the AOL Instant Messenger (AIM) service was an automatic telephonic dialing system (ATDS) under the Act. Notably, the court did not wait until discovery had been conducted to determine whether the AIM service qualified as an ATDS.